3 matches found
Malicious code in getd-eslint-rules (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17328047b2ec8dce82cfbdfd5b16c8f862d51dca26b02c9801587c220a48975a On npm install, postinstall.js collects host identifiers os.hostname, os.userInfo username, os.platform, current working directory, CI environment...
Malicious code in gethandler-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b6925d4c07df297f8cb573df4d85a396794d8793179e7a97f2cfde3aadfcfbc On npm install, postinstall.js unconditionally sends an HTTPS GET to https://webhook.site/18dc4281-d366-438a-9186-76fbcd56ade5 carrying the installer...
Malicious code in nvidia-nat-semantic-kernel (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe66a4b0f7f00b8e8a9abd877b3ab0531d56906cc11f6fa6ecaddd4b0bebbbe1 The package's METADATA declares Requires-Dist: ruamel-yaml-clibz==0.3.5, a typosquat of the well-known ruamel-yaml-clib note the trailing 'z'...